Exploit for Argument Injection in Gnu Inetutils

CVE-2026-24061 CVE-2026-24061 Telnet RCE Exploit For...

CVE-2025-40553

CVE-2025-40553 affects SolarWinds Web Help Desk. The vulnerability is an untrusted data deserialization flaw that could lead to remote code execution and can be exploited without authentication. Fixed in WHD 2026.1; users should apply the latest update to mitigate. The connected sources also refe...

Exploit for Use After Free in Apple Safari

Convergent-Time-Theory...

CVE-2026-24479

HUSTOF is an open source online judge based on PHP/C++/MySQL/Linux for ACM/ICPC and NOIP training. Prior to version 26.01.24, the problemimportqduoj.php and problemimporthoj.php modules fail to properly sanitize filenames within uploaded ZIP archives. Attackers can craft a malicious ZIP file...

ROS-20260128-73-0053

Vulnerability in kernel-lt related to memory usage after memory release. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

DEBIAN-CVE-2026-24765

PHPUnit is a testing framework for PHP. A vulnerability has been discovered in versions prior to 12.5.8, 11.5.50, 10.5.62, 9.6.33, and 8.5.52 involving unsafe deserialization of code coverage data in PHPT test execution. The vulnerability exists in the cleanupForCoverage method, which deserialize...

CVE-2026-23890

A flaw was found in pnpm, a package manager. A remote attacker can exploit a path traversal vulnerability by crafting malicious npm packages. This vulnerability allows the attacker to bypass validation by using bin names starting with an "@" symbol, enabling them to create executable shims or...

CVE-2026-1421

A vulnerability has been found in code-projects Online Examination System 1.0. Affected is an unknown function of the component Add Pages. Such manipulation leads to cross site scripting. The attack can be executed remotely. The exploit has been disclosed to the public and may be used...

PT-2026-6983

Name of the Vulnerable Software and Affected Versions D-Link DIR-823X version 250416 Description A security flaw exists in D-Link DIR-823X version 250416. The issue resides within the Configuration Handler component, specifically in the function sub 4208A0 located in the file /goform/set dmz...

GLSA-202601-01 : inetutils: Remote Code Execution

The remote host is affected by the vulnerability described in GLSA-202601-01 inetutils: Remote Code Execution The telnetd server invokes /usr/bin/login normally running as root passing the value of the USER environment variable received from the client as the last parameter. If the client supply ...

Cisco Unified Communications Manager command injection

Added: 01/26/2026 Background Cisco Unified Communications Manager is a product suite for managing voice and video communication and messaging. Problem A command injection vulnerability in multiple Cisco communications products could allow a remote attacker to execute arbitrary commands. Resolutio...

CVE-2026-0782

ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is required to exploit this vulnerability. The specific fla...

CVE-2026-0796

ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is required to exploit this vulnerability. The specific fla...

CVE-2021-47888 Textpattern 4.8.3 - Remote code execution

Textpattern versions prior to 4.8.3 contain an authenticated remote code execution vulnerability that allows logged-in users to upload malicious PHP files. Attackers can upload a PHP file with a shell command execution payload and execute arbitrary commands by accessing the uploaded file through ...

CVE-2026-0796

ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is required to exploit this vulnerability. The specific fla...

CVE-2026-0788

ALGO 8180 IP Audio Alerter Web UI Persistent Cross-Site Scripting Vulnerability. This vulnerability allows remote attackers to execute web requests with a target user's privileges on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is not required to exploit this...

CVE-2026-0761

Foundation Agents MetaGPT actionoutputstrtomapping Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foundation Agents MetaGPT. Authentication is not required to exploit this vulnerability. The...

CVE-2025-11002

7-Zip ZIP File Parsing Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. Interaction with this product is required to exploit this vulnerability but attack vectors may vary depending on...

CVE-2026-0771 Langflow PythonFunction Code Injection Remote Code Execution Vulnerability

Langflow PythonFunction Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Langflow. Attack vectors and exploitability will vary depending on the configuration of the product. The specific flaw exis...

CVE-2026-0768 Langflow code Code Injection Remote Code Execution Vulnerability

Langflow code Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Langflow. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the code...